IDA 9.0sp1

IDA 9.0.20241216 (SP1) December 19, 2024

This Service Pack of IDA 9.0 focuses on bugfixes, along with IDAPython API and SDK enhancements, introducing new, simplified endpoints. You can download the latest IDA installer from My Hex-Rays portal.

IDA Feeds improvements

We streamlined the IDA Feeds plugin execution and resolved issues with loading when idalib could not be located or was not correctly installed. Last but not least, we delivered UI enhancements to make the plugin experience more intuitive.

See also:

• Take a look at the IDA Feeds installation and configuration guide

Complete IDA Feeds changelist:

• added undo/redo context menu options for standalone app

• allow running the plugin without having to install and configure the idapro python module

• fall back to sequential probing when rpyc module is not available

• fill the already applied signatures on plugin initialization

• various usability and performance improvements

IDAPython / SDK improvements

We've added several helpers to improve the user experience using our APIs. These new endpoints, among other things, streamline managing and operating on types.

In the spirit of further improving accessibility & usage of our API, we also:

• updated the Porting Guide, considering recent API improvements.

• prepared new examples, mostly under Working with types category.

• revamped the IDAPython reference documentation to improve cross-referencing.

IDAPython / SDK changes:

• added tinfo_t convenience constructors

  • tinfo_t(c_decl:str) (to parse a C type definition)

  • tinfo_t(ordinal=N:int) to fetch by ordinal

  • tinfo_t(name=N:str) to fetch by name

  • tinfo_t(tid=N:int) to fetch by tid_t

• added tinfo_t.add_edm to simplify building enumerations

• added tinfo_t.add_udm convenience methods

• added tinfo_t.get_udm (either by name, or by index)

• added tinfo_t.get_udm_by_offset

• added tinfo_t iterators, for easy member manipulation:

  • tinfo_t.iter_struct

  • tinfo_t.iter_union

  • tinfo_t.iter_udt

  • tinfo_t.iter_enum

• added til_t.get_named_type and til_t.get_numbered_type, making it more idiomatic to retrieve types from a library

• added til_t.named_types and til_t.numbered_types generators

• added udt_type_data_t.get_best_fit_member

• added convenience funcarg_t constructors

• added convenience udm_t constructors

• added convenience edm_t constructor

• added many new examples of using core API functions into examples/types/

• added empty() method to udt member type (udm_t) and enum constant type (edm_t)

• func_type_data_t now defaults to CM_CC_UNKNOWN calling convention

• added append() and extend() to all qvector-based types

• added get_process_options2 to retrieve the list of environment variables

• the displayhook now uses __repr__, and not __str__, to print information

• expose get_undo_action_label(), get_redo_action_label()

• expose needed functions for checking if a file is a startup signature

UI improvements

Complete UI changelist:

• do not offer to apply startup signatures by default

• local types: allow adding comments on gaps by creating a dummy field automatically

• local types: enabled "Remove gap" action on padding bytes at the end of fixed layout struct

• local types: removed "repeatable" checkbox from the comment form since all such comments are repeatable

Other improvements

• installer: install defs.h header with decompiler helpers into include/

• kernel: added new parameters REGTRACK_MAX_XREFS, REGTRACK_MAX_BBLK_INSNS, REGTRACK_MAX_VALS to limit tracking in complex binaries

• licensing: show the number of floating license seats available in the "License manager" dialog

• lumina: improved the lumina_server's --recreate-schema help text

Complete list of bugfixes:

• BUGFIX: decompiler: fixed multiple interrs

• BUGFIX: decompiler: hxe_flowchart event would have the wrong argument 'fc'

• BUGFIX: decompiler: in rare cases a goto label would be misplaced

• BUGFIX: decompiler: refresh_ctext() would not refresh the function name if it was renamed

• BUGFIX: decompiler: split __asm blocks when there are interleaved instructions that have been optimized out

• BUGFIX: DWARF: fixed interr 2766 during debugger session

• BUGFIX: eh34: make exception blocks boundaries more precise

• BUGFIX: IDA Free/Home: fix misleading message when opening .idb files

• BUGFIX: ida_feeds: fixed mismatch in number of matchess when probing vs applying

• BUGFIX: ida_feeds: popup menu action was not displayed before running plugin once

• BUGFIX: idalib: a program using the C++ idalib API could crash on Windows

• BUGFIX: idalib: fixed crash when calling open_database() multiple times without closing

• BUGFIX: idalib: python activation script was not working with relative paths in Python 3.8

• BUGFIX: idalib: write informational messages to the default logging location instead of the console

• BUGFIX: IDAPython: Hexrays_Hooks.collect_warnings was not usable

• BUGFIX: IDAPython: IDP_Hooks.ev_get_abi_info was not usable

• BUGFIX: IDAPython: set_process_options() could not be used to set environment variables for debugging

• BUGFIX: IDAPython: using mop_t.make_insn could result in a double-free, and crash IDA

• BUGFIX: IDC: appcall could report an error instead of the function's return value

• BUGFIX: IDT: fixed potential crash when parsing corrupted ids files

• BUGFIX: installer: IDA Free for Linux was missing the local debugger

• BUGFIX: kernel: index comments for arrays inside structures would be wrong

• BUGFIX: kernel: fix stack overflow when parsing some incomplete types

• BUGFIX: kernel: fixed crash when parsing an invalid .sig file format

• BUGFIX: kernel: fixed crash when printing type with invalid base type

• BUGFIX: kernel: get_udm_tid() could crash if wrong idx was passed to it

• BUGFIX: kernel: parsing an ill-formed type could crash IDA

• BUGFIX: kernel: tinfo_t::get_innermost_udm() could crash with division by 0 if zero-sized members were present

• BUGFIX: merge: merging of a large fixed structure whith a small one was buggy

• BUGFIX: PC: disabling "Locate and create jump tables" analysis option was not honored by the processor module

• BUGFIX: PyQt5: IDA could crash or exit with iterr 1442 when using PyQt5 on Linux with Python 3.12

• BUGFIX: teams: vault_server could crash at the initialization or login time if it failed to open the sqlite database

• BUGFIX: UI: .wasm files were not listed in the "Open file" dialog by default

• BUGFIX: UI: IDA could fail to rename stack frame members from the disasembly view

• BUGFIX: UI: it was not possible to select the first line in hex view if it did't start on 16-alined address

• BUGFIX: UI: Local Types: do not apply filtering and ordering of the types chooser (the left pane) to the listing (the right pane) when "Show selection only" is off

• BUGFIX: UI: opening IDA without an IDB or a license and performing a check-for-update operation, could cause INTERR 41270

• BUGFIX: UI: pulling graph nodes too far up, could result in rendering glitches)

• BUGFIX: UI: switching between CLI interpreters didn't work if "new shortcuts" were enabled

• BUGFIX: UI: text search results in graph mode displayed labels instead of instructions

• BUGFIX: WASM: fix "out of order subsection" loader error on some files